subtree updatesnanbield

meta-arm: 79c52afe74..9a4ae38e84: Emekcan Aras (1): arm-bsp/optee: Improve PIN counter handling robustness Harsimran Singh Tungal (2): corstone1000:arm-bsp/tftf: Fix tftf tests on mps3 arm-bsp/tf-a-tests: fix corstone1000 Ross Burton (2): arm-bsp/documentation: upgrade Sphinx slightly CI: use https: to fetch meta-virtualization meta-openembedded: 2da6e1b0e4..da9063bdfb: Changqing Li (2): postgresql: upgrade 15.4 -> 15.5 redis: upgrade 6.2.13 -> 6.2.14 Khem Raj (1): webkitgtk3: upgrade 2.42.0 -> 2.42.1 Meenali Gupta (1): nginx: upgrade 1.25.2 -> 1.25.3 Mingli Yu (1): mariadb: Upgrade to 10.11.6 Wang Mingyu (5): strongswan: upgrade 5.9.12 -> 5.9.13 webkitgtk3: upgrade 2.42.1 -> 2.42.2 webkitgtk3: upgrade 2.42.2 -> 2.42.3 webkitgtk3: upgrade 2.42.3 -> 2.42.4 libssh: upgrade 0.10.5 -> 0.10.6 Yi Zhao (1): samba: upgrade 4.18.8 -> 4.18.9 poky: 61a59d00a0..1a5c00f00c: Alassane Yattara (1): bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer Alexander Kanavin (2): glibc-y2038-tests: do not run tests using 32 bit time APIs icon-naming-utils: take tarball from debian Alexander Sverdlin (1): linux-firmware: upgrade 20231030 -> 20231211 Anuj Mittal (2): base-passwd: upgrade 3.6.2 -> 3.6.3 glib-2.0: upgrade 2.78.1 -> 2.78.3 Baruch Siach (1): contributor-guide: fix lore URL Benjamin Bara (1): glibc: stable 2.38 branch updates Bruce Ashfield (8): linux-yocto/6.1: update to v6.1.69 linux-yocto/6.1: update to v6.1.70 linux-yocto/6.1: update CVE exclusions linux-yocto/6.1: update to v6.1.72 linux-yocto/6.1: update CVE exclusions linux-yocto/6.1: security/cfg: add configs to harden protection linux-yocto/6.1: update to v6.1.73 linux-yocto/6.1: update CVE exclusions Chen Qi (2): sudo: upgrade from 1.9.15p2 to 1.9.15p5 multilib_global.bbclass: fix parsing error with no kernel module split Clay Chang (1): devtool: deploy: provide max_process to strip_execs Enguerrand de Ribaucourt (1): manuals: document VSCode extension Ilya A. Kriveshko (1): dev-manual: update license manifest path Jason Andryuk (3): linux-firmware: Package iwlwifi .pnvm files linux-firmware: Change bnx2 packaging linux-firmware: Create bnx2x subpackage Jeremy A. Puhlman (1): create-spdx-2.2: combine spdx can try to write before dir creation Joao Marcos Costa (1): documentation.conf: fix do_menuconfig description Jonathan GUILLOT (1): udev-extraconf: fix unmount directories containing octal-escaped chars Jose Quaresma (2): go: update 1.20.10 -> 1.20.11 go: update 1.20.11 -> 1.20.12 Joshua Watt (2): rpcbind: Specify state directory under /run classes-global/sstate: Fix variable typo Julien Stephan (1): externalsrc: fix task dependency for do_populate_lic Jörg Sommer (1): documentation: Add UBOOT_BINARY, extend UBOOT_CONFIG Kai Kang (1): xserver-xorg: 21.1.9 -> 21.1.11 Khem Raj (2): tiff: Backport fixes for CVE-2023-6277 tcl: Fix prepending to run-ptest script Lee Chee Yang (5): curl: Fix CVE-2023-46219 qemu: 8.1.2 -> 8.1.4 migration-guide: add release notes for 4.3.2 migration-guide: add release notes for 4.0.16 migration-guide: add release notes for 4.3.3 Markus Volk (1): libadwaita: update 1.4.0 -> 1.4.2 Massimiliano Minella (1): zstd: fix LICENSE statement Maxin B. John (1): ref-manual: classes: remove insserv bbclass Michael Opdenacker (3): contributor-guide: use "apt" instead of "aptitude" release-notes-4.3: fix spacing migration-guides: fix release notes for 4.3.3 Ming Liu (2): grub: fs/fat: Don't error when mtime is 0 qemu.bbclass: fix a python TypeError Mingli Yu (1): python3-license-expression: Fix the ptest failure Peter Kjellerstedt (1): devtool: modify: Handle recipes with a menuconfig task correctly Peter Marko (4): dtc: preserve version also from shallow git clones sqlite3: upgrade 3.43.1 -> 3.43.2 sqlite: drop obsolete CVE ignore zlib: ignore CVE-2023-6992 Richard Purdie (9): pseudo: Update to pull in syncfs probe fix sstate: Fix dir ownership issues in SSTATE_DIR curl: Disable two intermittently failing tests lib/prservice: Improve lock handling robustness oeqa/selftest/prservice: Improve test robustness curl: Disable test 1091 due to intermittent failures allarch: Fix allarch corner case reproducible: Fix race with externalsrc/devtool over lockfile pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept Robert Berger (1): uninative-tarball.xz - reproducibility fix Robert Joslyn (1): gtk: Set CVE_PRODUCT Robert Yang (2): nfs-utils: Upgrade 2.6.3 -> 2.6.4 nfs-utils: Update Upstream-Status Rodrigo M. Duarte (1): linux-firmware: Fix the linux-firmware-bcm4373 FILES variable Ross Burton (4): avahi: update URL for new project location libssh2: backport fix for CVE-2023-48795 cve_check: handle CVE_STATUS being set to the empty string cve_check: cleanup logging Saul Wold (1): package.py: OEHasPackage: Add MLPREFIX to packagename Simone Weiß (5): dev-manual: start.rst: Update use of Download page dev-manual: start.rst: Update use of Download page glibc: Set status for CVE-2023-5156 & CVE-2023-0687 dev-manual: gen-tapdevs need iptables installed gcc: Update status of CVE-2023-4039 Soumya Sambu (1): ncurses: Fix - tty is hung after reset Steve Sakoman (2): poky.conf: bump version for 4.3.3 release build-appliance-image: Update to nanbield head revision Trevor Gamblin (1): scripts/runqemu: fix regex escape sequences Wang Mingyu (9): xwayland: upgrade 23.2.2 -> 23.2.3 libatomic-ops: upgrade 7.8.0 -> 7.8.2 libva-utils: upgrade 2.20.0 -> 2.20.1 kea: upgrade 2.4.0 -> 2.4.1 gstreamer1.0: upgrade 1.22.7 -> 1.22.8 aspell: upgrade 0.60.8 -> 0.60.8.1 at-spi2-core: upgrade 2.50.0 -> 2.50.1 cpio: upgrade 2.14 -> 2.15 gstreamer: upgrade 1.22.8 -> 1.22.9 William Lyu (1): elfutils: Update license information Xiangyu Chen (2): shadow: Fix for CVE-2023-4641 sudo: upgrade 1.9.14p3 -> 1.9.15p2 Yang Xu (1): rootfs.py: check depmodwrapper execution result Yogita Urade (2): tiff: fix CVE-2023-6228 tiff: fix CVE-2023-52355 and CVE-2023-52356 Zahir Hussain (1): cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES baruch@tkos.co.il (1): overlayfs: add missing closing parenthesis in selftest Change-Id: I613697694d0eb51ae9451f7e869b69d6c1ba1fd3 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
author: Patrick Williams <patrick@stwcx.xyz> 2024-03-01 23:30:19 +0300
committer: Patrick Williams <patrick@stwcx.xyz> 2024-03-02 00:24:34 +0300
commit: 7363086d8a6f87f6c162a314937f1c2e3c063b42 (patch)
tree: f37b4996342d0af75369338b4a1a0fc416c5feeb /poky/documentation/migration-guides/release-notes-4.3.2.rst
parent: d4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b (diff)
download: openbmc-7363086d8a6f87f6c162a314937f1c2e3c063b42.tar.xz
1 files changed, 247 insertions, 0 deletions
diff --git a/poky/documentation/migration-guides/release-notes-4.3.2.rst b/poky/documentation/migration-guides/release-notes-4.3.2.rst
new file mode 100644
index 0000000000..3a40d83bc2
--- /dev/null
+++ b/poky/documentation/migration-guides/release-notes-4.3.2.rst
@@ -0,0 +1,247 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-4.3.2 (Nanbield)
+----------------------------------------
+
+Security Fixes in Yocto-4.3.2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  avahi: Fix :cve:`2023-1981`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38472` and :cve:`2023-38473`
+-  curl: Fix :cve:`2023-46218`
+-  ghostscript: Fix :cve:`2023-46751`
+-  grub: fix :cve:`2023-4692` and :cve:`2023-4693`
+-  gstreamer1.0: Fix :cve_mitre:`2023-44446`
+-  linux-yocto/6.1: Ignore :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5090`, :cve:`2023-5633`, :cve:`2023-6111`, :cve:`2023-6121` and :cve:`2023-6176`
+-  linux-yocto/6.5: Ignore :cve:`2022-44034`, :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5972`, :cve:`2023-6039`, :cve:`2023-6111` and :cve:`2023-6176`
+-  perl: fix :cve:`2023-47100`
+-  python3-urllib3: Fix :cve:`2023-45803`
+-  rust: Fix :cve:`2023-40030`
+-  vim: Fix :cve:`2023-48231`, :cve:`2023-48232`, :cve:`2023-48233`, :cve:`2023-48234`, :cve:`2023-48235`, :cve:`2023-48236` and :cve:`2023-48237`
+-  xserver-xorg: Fix :cve:`2023-5367` and :cve:`2023-5380`
+-  xwayland: Fix :cve:`2023-5367`
+
+
+Fixes in Yocto-4.3.2
+~~~~~~~~~~~~~~~~~~~~
+
+-  base-passwd: Upgrade to 3.6.2
+-  bind: Upgrade to 9.18.20
+-  binutils: stable 2.41 branch updates
+-  bitbake: command: Make parseRecipeFile() handle virtual recipes correctly
+-  bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9
+-  bitbake: toastergui: verify that an existing layer path is given
+-  bluez5: fix connection for ps5/dualshock controllers
+-  build-appliance-image: Update to nanbield head revision
+-  cmake: Upgrade to 3.27.7
+-  contributor-guide: add License-Update tag
+-  contributor-guide: fix command option
+-  cups: Add root,sys,wheel to system groups
+-  cve-update-nvd2-native: faster requests with API keys
+-  cve-update-nvd2-native: increase the delay between subsequent request failures
+-  cve-update-nvd2-native: make number of fetch attemtps configurable
+-  cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
+-  dev-manual: Discourage the use of SRC_URI[md5sum]
+-  dev-manual: layers: update link to YP Compatible form
+-  dev-manual: runtime-testing: fix test module name
+-  devtool: finish/update-recipe: restrict mode srcrev to recipes fetched from SCM
+-  devtool: fix update-recipe dry-run mode
+-  ell: Upgrade to 0.60
+-  enchant2: Upgrade to 2.6.2
+-  ghostscript: Upgrade to 10.02.1
+-  glib-2.0: Upgrade to 2.78.1
+-  glibc: stable 2.38 branch updates
+-  gstreamer1.0: Upgrade to 1.22.7
+-  gtk: Add rdepend on printbackend for cups
+-  harfbuzz: Upgrade to 8.2.2
+-  json-c: fix icecc compilation
+-  kern-tools: bump :term:`SRCREV` for queue processing changes
+-  kern-tools: make lower context patches reproducible
+-  kern-tools: update :term:`SRCREV` to include SECURITY.md file
+-  kernel-arch: use ccache only for compiler
+-  kernel-yocto: improve metadata patching
+-  lib/oe/buildcfg.py: Include missing import
+-  lib/oe/buildcfg.py: Remove unused parameter
+-  lib/oe/patch: ensure os.chdir restoring always happens
+-  lib/oe/path: Deploy files can start only with a dot
+-  libgcrypt: Upgrade to 1.10.3
+-  libjpeg-turbo: Upgrade to 3.0.1
+-  libnewt: Upgrade to 0.52.24
+-  libnsl2: Upgrade to 2.0.1
+-  libsolv: Upgrade to 0.7.26
+-  libxslt: Upgrade to 1.1.39
+-  linux-firmware: add audio topology symlink to the X13's audio package
+-  linux-firmware: add missing depenencies on license packages
+-  linux-firmware: add new fw file to ${PN}-rtl8821
+-  linux-firmware: add notice file to sdm845 modem firmware
+-  linux-firmware: create separate packages
+-  linux-firmware: package Qualcomm Venus 6.0 firmware
+-  linux-firmware: package Robotics RB5 sensors DSP firmware
+-  linux-firmware: package firmware for Qualcomm Adreno a702
+-  linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210
+-  linux-firmware: Upgrade to 20231030
+-  linux-yocto-rt/6.1: update to -rt18
+-  linux-yocto/6.1: cfg: restore CONFIG_DEVMEM
+-  linux-yocto/6.1: drop removed IMA option
+-  linux-yocto/6.1: Upgrade to v6.1.68
+-  linux-yocto/6.5: cfg: restore CONFIG_DEVMEM
+-  linux-yocto/6.5: cfg: split runtime and symbol debug
+-  linux-yocto/6.5: drop removed IMA option
+-  linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector
+-  linux-yocto/6.5: Upgrade to v6.5.13
+-  linux/cve-exclusion6.1: Update to latest kernel point release
+-  log4cplus: Upgrade to 2.1.1
+-  lsb-release: use https for :term:`UPSTREAM_CHECK_URI`
+-  manuals: brief-yoctoprojectqs: align variable order with default local.conf
+-  manuals: fix URL
+-  meson: use correct targets for rust binaries
+-  migration-guide: add release notes for 4.0.14, 4.0.15, 4.2.4, 4.3.1
+-  migration-guides: release 3.5 is actually 4.0
+-  migration-guides: reword fix in release-notes-4.3.1
+-  msmtp: Upgrade to 1.8.25
+-  oeqa/selftest/tinfoil: Add tests that parse virtual recipes
+-  openssl: improve handshake test error reporting
+-  package_ipk: Fix Source: field variable dependency
+-  patchtest: shorten patch signed-off-by test output
+-  perf: lift :term:`TARGET_CC_ARCH` modification out of security_flags.inc
+-  perl: Upgrade to 5.38.2
+-  perlcross: Upgrade to 1.5.2
+-  poky.conf: bump version for 4.3.2 release
+-  python3-ptest: skip test_storlines
+-  python3-urllib3: Upgrade to 2.0.7
+-  qemu: Upgrade to 8.1.2
+-  ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults
+-  ref-manual: releases.svg: update nanbield release status
+-  useradd_base: sed -i destroys symlinks
+-  rootfs-postcommands: sed -i destroys symlinks
+-  sstate: Ensure sstate searches update file mtime
+-  strace: backport fix for so_peerpidfd-test
+-  systemd-boot: Fix build issues on armv7a-linux
+-  systemd-compat-units.bb: fix postinstall script
+-  systemd: fix DynamicUser issue
+-  systemd: update :term:`LICENSE` statement
+-  tcl: skip async and event tests in run-ptest
+-  tcl: skip timing-dependent tests in run-ptest
+-  test-manual: add links to python unittest
+-  test-manual: add or improve hyperlinks
+-  test-manual: explicit or fix file paths
+-  test-manual: resource updates
+-  test-manual: text and formatting fixes
+-  test-manual: use working example
+-  testimage: Drop target_dumper and most of monitor_dumper
+-  testimage: Exclude wtmp from target-dumper commands
+-  tzdata: Upgrade to 2023d
+-  update_gtk_icon_cache: Fix for GTK4-only builds
+-  useradd_base: Fix sed command line for passwd-expire
+-  vim: Upgrade to 9.0.2130
+-  xserver-xorg: Upgrade to 21.1.9
+-  xwayland: Upgrade to 23.2.2
+
+
+Known Issues in Yocto-4.3.2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+Contributors to Yocto-4.3.2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Adam Johnston
+-  Alexander Kanavin
+-  Anuj Mittal
+-  Bastian Krause
+-  Bruce Ashfield
+-  Chen Qi
+-  Deepthi Hemraj
+-  Dhairya Nagodra
+-  Dmitry Baryshkov
+-  Fahad Arslan
+-  Javier Tia
+-  Jermain Horsman
+-  Joakim Tjernlund
+-  Julien Stephan
+-  Justin Bronder
+-  Khem Raj
+-  Lee Chee Yang
+-  Marco Felsch
+-  Markus Volk
+-  Marta Rybczynska
+-  Massimiliano Minella
+-  Michael Opdenacker
+-  Paul Barker
+-  Peter Kjellerstedt
+-  Peter Marko
+-  Randy MacLeod
+-  Rasmus Villemoes
+-  Richard Purdie
+-  Ross Burton
+-  Shubham Kulkarni
+-  Simone Weiß
+-  Steve Sakoman
+-  Sundeep KOKKONDA
+-  Tim Orling
+-  Trevor Gamblin
+-  Vijay Anusuri
+-  Viswanath Kraleti
+-  Vyacheslav Yurkov
+-  Wang Mingyu
+-  William Lyu
+-  Zoltán Böszörményi
+
+Repositories / Downloads for Yocto-4.3.2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>`
+-  Tag:  :yocto_git:`yocto-4.3.2 </poky/log/?h=yocto-4.3.2>`
+-  Git Revision: :yocto_git:`f768ffb8916feb6542fcbe3e946cbf30e247b151 </poky/commit/?id=f768ffb8916feb6542fcbe3e946cbf30e247b151>`
+-  Release Artefact: poky-f768ffb8916feb6542fcbe3e946cbf30e247b151
+-  sha: 21ca1695d70aba9b4bd8626d160111feab76206883cd14fe41eb024692bdfd7b
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>`
+-  Tag:  :oe_git:`yocto-4.3.2 </openembedded-core/log/?h=yocto-4.3.2>`
+-  Git Revision: :oe_git:`ff595b937d37d2315386aebf315cea719e2362ea </openembedded-core/commit/?id=ff595b937d37d2315386aebf315cea719e2362ea>`
+-  Release Artefact: oecore-ff595b937d37d2315386aebf315cea719e2362ea
+-  sha: a7c6332dc0e09ecc08221e78b11151e8e2a3fd9fa3eaad96a4c03b67012bfb97
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>`
+-  Tag:  :yocto_git:`yocto-4.3.2 </meta-mingw/log/?h=yocto-4.3.2>`
+-  Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>`
+-  Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2
+-  sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>`
+-  Tag:  :oe_git:`yocto-4.3.2 </bitbake/log/?h=yocto-4.3.2>`
+-  Git Revision: :oe_git:`72bf75f0b2e7f36930185e18a1de8277ce7045d8 </bitbake/commit/?id=72bf75f0b2e7f36930185e18a1de8277ce7045d8>`
+-  Release Artefact: bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8
+-  sha: 0b6ccd4796ccd211605090348a3d4378358c839ae1bb4c35964d0f36f2663187
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>`
+-  Tag: :yocto_git:`yocto-4.3.2 </yocto-docs/log/?h=yocto-4.3.2>`
+-  Git Revision: :yocto_git:`fac88b9e80646a68b31975c915a718a9b6b2b439 </yocto-docs/commit/?id=fac88b9e80646a68b31975c915a718a9b6b2b439>`
+
author	Patrick Williams <patrick@stwcx.xyz>	2024-03-01 23:30:19 +0300
committer	Patrick Williams <patrick@stwcx.xyz>	2024-03-02 00:24:34 +0300
commit	7363086d8a6f87f6c162a314937f1c2e3c063b42 (patch)
tree	f37b4996342d0af75369338b4a1a0fc416c5feeb /poky/documentation/migration-guides/release-notes-4.3.2.rst
parent	d4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b (diff)
download	openbmc-7363086d8a6f87f6c162a314937f1c2e3c063b42.tar.xz